Gold Allocation Manager

Managing Accounts

An account is a container for time-bounded resource credits valid toward a specific set of projects, users, and machines. Much like with a bank, an account is a repository for resource credits. Each account has a set of access control lists designating which users, projects, and machines may access the account. An account may restrict the projects that can charge to it. Normally an account will be tied to a single project but it may be tied to an arbitrary set of projects or ANY project. An account may restrict the users that can charge to it. It will frequently be tied to the the user MEMBERS of the associated project(s) but it may be tied to an arbitrary set of users or ANY user. An account may restrict the machines that can charge to it. It may be tied to an arbitrary set of machines, just the machine MEMBERS of the associated project(s) or ANY machine.

When resource credits are deposited into an account, they are associated with a time period within which they are valid. These time-bounded pools of credits are known as allocations. (An allocation is a pool of resource credits associated with an account for use during a particular time period.) By using multiple allocations that expire in regular intervals it is possible to implement a use-it-or-lose-it policy and establish a project cycle.

Accounts may be nested. Hierarchically nested accounts may be useful for the delegation of management roles and responsibilities. Deposit shares may be established that assist to automate a trickle-down effect for funds deposited at higher level accounts. Additionally, an optional overflow feature allows charges against lower level accounts to trickle up the hierarchy.

Operations include creating, querying, modifying, and deleting accounts as well as making deposits, withdrawals, transfers, and balance queries.

Creating Accounts

gmkaccount is used to create a new account. A new id is automatically generated for the account.

gmkaccount [-n account_name] [-p [+ | -]project_name [, [+ | -]project_name...]] [-u [+ | -]user_name [, [+ | -]user_name...]] [-m [+ | -]machine_name [, [+ | -]machine_name...]] [-d description] [—debug] [-? | —help] [—man] [—quiet] [-v | —verbose]

Note When creating an account, it is important to specify at least one user, machine, and project designation. If omitted, these will default to ANY.

Note It is possible to have accounts be created automatically when projects are created by setting the account.autogen configuration parameter to true (see Server Configuration). The auto-generated account will be associated with the new project, the user MEMBERS of the project and ANY machine.

Example 1. Creating an account

$ gmkaccount -p chemistry -u MEMBERS -m ANY -n "Chemistry"

Successfully created 1 Account
Successfully created 1 AccountProject
Successfully created 1 AccountUser
Successfully created 1 AccountMachine

Example 2. Creating a wide-open account

$ gmkaccount -p ANY -u ANY -m ANY -n "Cornucopia"

Successfully created 1 Account
Successfully created 1 AccountProject
Successfully created 1 AccountUser
Successfully created 1 AccountMachine

Example 3. Creating an account valid toward all biology project members except for dave and all machines except for blue

$ gmkaccount -p biology -u MEMBERS,-dave -m ANY,-blue -n "Not Dave"

Successfully created 1 Account
Successfully created 1 AccountProject
Successfully created 1 AccountUser
Successfully created 1 AccountUser
Successfully created 1 AccountMachine
Successfully created 1 AccountMachine